Single Host ACL for Single Destination IP

Jeffrey Simon
Level 1

I have a host in my network that I would like to allow to reach all local resources, but only one public IP address. I have been reading about access lists, but I am getting confused with the "source wildcard bits". For the sake of this example, I want the host to be able to access 10.0.0.0/8 and a single public IP address of 8.8.8.8. Can someone please show me the config for this?

I do not want my host to be able to reach any other IP addresses.

Thank you very much in advance!

Accepted Solutions

Sindhu_kumar
Level 1

ip access-list extended <acl_name, or a number between 100 and 199>
 permit ip host x.x.x.x 10.0.0.0 0.255.255.255
 permit ip host x.x.x.x host 8.8.8.8
 deny ip any any log

We need to apply this ACL for it to take effect.

For example, if Fa0/1 is the LAN interface, then:

int fa0/1
 ip access-group <acl_name, or a number between 100 and 199> in
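
The wildcard-bit matching the question asks about, as an added example that is not part of the original posts: a small evaluator that applies the three entries above to sample packets in first-match order. The host address 10.1.1.50 is a constructed stand-in for x.x.x.x, and the function names are this example's own.

```python
import ipaddress

# Constructed host address (assumption) in place of the answer's x.x.x.x.
HOST = "10.1.1.50"
ACL = f"""
permit ip host {HOST} 10.0.0.0 0.255.255.255
permit ip host {HOST} host 8.8.8.8
deny ip any any log
"""

def ip_int(text):
    return int(ipaddress.IPv4Address(text))

def take_addr(tokens):
    """Consume one address spec and return (base, wildcard) as integers."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF             # all bits ignored
    if first == "host":
        return ip_int(tokens.pop(0)), 0  # all bits compared
    return ip_int(first), ip_int(tokens.pop(0))

def parse_acl(text):
    """Parse 'permit|deny ip <src> <dst> [log]' lines, in order."""
    entries = []
    for line in text.strip().splitlines():
        tokens = line.split()
        action, proto = tokens.pop(0), tokens.pop(0)
        if action not in ("permit", "deny") or proto != "ip":
            raise ValueError(f"unsupported entry: {line}")
        entries.append((action, take_addr(tokens), take_addr(tokens)))
    return entries

def matches(addr, spec):
    """Wildcard bit 0 = must equal the base, 1 = don't care."""
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF
    return (ip_int(addr) & care) == (base & care)

def evaluate(entries, src, dst):
    """First matching entry wins; an ACL ends with an implicit deny."""
    for action, src_spec, dst_spec in entries:
        if matches(src, src_spec) and matches(dst, dst_spec):
            return action
    return "deny"

if __name__ == "__main__":
    rules = parse_acl(ACL)
    for dst in ("10.200.3.4", "8.8.8.8", "8.8.4.4", "192.168.1.1"):
        print(f"{HOST} -> {dst}: {evaluate(rules, HOST, dst)}")
```

Evaluating a different source such as 10.1.1.51 returns deny for every destination, since only the named host matches the permit entries; applied inbound on a shared LAN interface, the ACL therefore restricts every host behind it.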

Jeffrey Simon
Level 1

This worked. I ended up changing the ACL a bit, but yours did work.

Thank you!